Transmitting sensitive files online is becoming more risky every day. There are chances that your sensitive corporate data can be easily accessed by 3rd-parties—especially when the file transfers happen over insecure channels, or when data is stored on the public cloud. The most common methods used for this purpose are emails or FTPs which are vulnerable to attacks because:
• Files are sent without encryption
• No control over the transferred files
• Lack of advanced options like session auditing
To ensure the security of your files during transfer, you can send them via Secure File Transfer Protocol (SFTP), a method that requires an SSH secure file transfer client. SFTP is secure because it encrypts the file transfer connection and it provides stronger authentication. Typically, in an SSH file transfer, data is encrypted throughout the SSH connection and decryption happens at both ends (server as well as the client). Though these are some of the most used protocols to secure data during file transfer, when it comes to the operating medium and data storage, there are still uncertainties over data security.
Cloud is a common way of file transfer and many organizations adopt that as a default means of file transfer. But the million dollar question is whether to cloud or not to cloud?
Why not to cloud your File Transfer?
Recent research revealed that about 48% of the surveyed organizations in the UK were using cloud-based file hosting services. Some major revelations were:
• For 74% of the surveyed organizations, the major concern with sharing files outside of the corporate firewall was malware infection.
• For 54%, the major concern was information theft.
Fueling their concerns further, cloud-based file transfer has been in the spotlight for quite some time and so much has been spoken about its security vulnerabilities, especially when it comes to sensitive customer data.
Let us consider a solution like Dropbox: It was a big sensation last year when a number of usernames and passwords of Dropbox accounts were compromised resulting in a spamming campaign to a number of Dropbox users. Similarly, there was another breach in 2011 that exposed hundreds of accounts without proper authentication. Adding to the users’ woes, the Dropbox service as a whole wasn't available early this year.
How secure are cloud based file transfer solutions? Not having your data secure can be costly because breaches can have a direct impact on your business reputation and customers’ trust level. The more sensitive and confidential data you handle, the more secure you need to be. Cloud-based solutions are not always able to accommodate your security requirements. Fortunately, that is not the only option you have.
Self-hosted managed file transfer (MFT) is a much more secure alternative as it provides certificate-based authentication.
Here are some criteria that you can use as guidelines to choose the right managed file transfer solution:
• Does it provide security for data that’s both at rest and in motion?
• Does it provide certificate-based authentication?
• Does it allow monitoring file transfer progress in real time?
• Does it report transfer activity and access?
• Does it provide internal resource protection?
• What B2B/E-Commerce protocols does it support?
You cannot afford to lose control of your data. Secure your files and stay safe!